[KLUG Members] auto-nullrouting
Jamie McCarthy
jamie at mccarthy.vg
Wed Nov 23 11:27:07 EST 2005
bruce at armintl.com (Bruce Smith) writes:
> It's been my experience that the easiest solution is to simply
> change the port SSHD listens on to a high/non-standard port. The
> dictionary attach bots only scan port 22.
>
> I personally only allow SSH keys to login and turn off password
> authentication.
I'd rather not do either of those things, since I have other users
I'm letting use this machine of varying levels of technical
sophistication. Alternate ports and key requirements will
probably guarantee me having to do (shudder) tech support.
> And if you really want to block, I have some netfilter (iptables)
> rules that will block port 22 for awhile after detecting a high
> frequency of connections in a short period of time.
That's what I want to do, yes. :)
--
Jamie McCarthy
http://mccarthy.vg/
jamie at mccarthy.vg
More information about the Members
mailing list